[SCM] httpcomponents-client: HTTP/1.1 compliant HTTP agent Java implementation branch, master, updated. debian/4.2.1-2-13-g22568d1

Wed May 8 11:05:07 UTC 2013

The following commit has been merged in the master branch:
commit 05eff63871c281c51666640e37e78e96924e96e6
Author: Damien Raude-Morvan <drazzib at debian.org>
Date:   Wed May 8 00:18:14 2013 +0200

    d/patches/02-700268.patch: Drop, included in upstream release.

diff --git a/debian/changelog b/debian/changelog
index f47cafc..7972420 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,6 +2,7 @@ httpcomponents-client (4.2.5-1) unstable; urgency=low
 
   * New upstream release.
   * d/rules: Add get-orig-source target.
+  * d/patches/02-700268.patch: Drop, included in upstream release.
 
  -- Damien Raude-Morvan <drazzib at debian.org>  Tue, 07 May 2013 23:58:33 +0200
 
diff --git a/debian/patches/02-700268.patch b/debian/patches/02-700268.patch
deleted file mode 100644
index 7627e31..0000000
--- a/debian/patches/02-700268.patch
+++ /dev/null
@@ -1,91 +0,0 @@
-Description: Corrects security defect: 
- Wildcard matching in hostname verifier incorrect
-Source: https://fisheye6.atlassian.com/rdiff/httpcomponents?csid=1406213&u&N
-Forwarded: not-needed
-
-Index: httpclient/src/test/java/org/apache/http/conn/ssl/TestHostnameVerifier.java
-===================================================================
-diff -u -N -r1356672 -r1406213
---- a/httpclient/src/test/java/org/apache/http/conn/ssl/TestHostnameVerifier.java	(.../TestHostnameVerifier.java)	(revision 1356672)
-+++ b/httpclient/src/test/java/org/apache/http/conn/ssl/TestHostnameVerifier.java	(.../TestHostnameVerifier.java)	(revision 1406213)
-@@ -300,7 +300,7 @@
-     }
- 
-     @Test
--    public void HTTPCLIENT_1097() {
-+    public void testHTTPCLIENT_1097() {
-         String cns[];
-         String alt[] = {};
-         X509HostnameVerifier bhv = new BrowserCompatHostnameVerifier();
-@@ -318,6 +318,17 @@
-         checkWildcard("s*.gouv.uk", false); // 2 character TLD, invalid 2TLD
-     }
- 
-+    @Test
-+    public void testHTTPCLIENT_1255() {
-+        X509HostnameVerifier bhv = new BrowserCompatHostnameVerifier();
-+        X509HostnameVerifier shv = new StrictHostnameVerifier();
-+
-+        String cns[] = new String []{"m*.a.b.c.com"}; // component part
-+        String alt[] = {};
-+        checkMatching(bhv, "mail.a.b.c.com", cns, alt, false); // OK
-+        checkMatching(shv, "mail.a.b.c.com", cns, alt, false); // OK
-+    }
-+
-     // Helper
-     private void checkWildcard(String host, boolean isOK) {
-         Assert.assertTrue(host+" should be "+isOK, isOK==AbstractVerifier.acceptableCountryWildcard(host));
-Index: libhttpclient-java/RELEASE_NOTES.txt
-===================================================================
-diff -u -N -r1400612 -r1406213
---- a/RELEASE_NOTES.txt	(.../RELEASE_NOTES.txt)	(revision 1400612)
-+++ b/RELEASE_NOTES.txt	(.../RELEASE_NOTES.txt)	(revision 1406213)
-@@ -1,3 +1,11 @@
-+Changes since 4.2.1
-+-------------------
-+
-+* [HTTPCLIENT-1255] AbstractVerifier incorrectly parses certificate CN containing wildcard
-+  Contributed by Oleg Kalnichevski <olegk at apache.org>
-+
-+
-+
- Release 4.2.1 
- -------------------
- 
-Index: libhttpclient-java/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractVerifier.java
-===================================================================
-diff -u -N -r1356672 -r1406213
---- a/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractVerifier.java	(.../AbstractVerifier.java)	(revision 1356672)
-+++ b/httpclient/src/main/java/org/apache/http/conn/ssl/AbstractVerifier.java	(.../AbstractVerifier.java)	(revision 1406213)
-@@ -43,8 +43,6 @@
- import java.util.List;
- import java.util.Locale;
- import java.util.StringTokenizer;
--import java.util.logging.Logger;
--import java.util.logging.Level;
- 
- import javax.net.ssl.SSLException;
- import javax.net.ssl.SSLSession;
-@@ -204,9 +202,10 @@
-                                  !isIPAddress(host);
- 
-             if(doWildcard) {
--                if (parts[0].length() > 1) { // e.g. server*
--                    String prefix = parts[0].substring(0, parts.length-2); // e.g. server
--                    String suffix = cn.substring(parts[0].length()); // skip wildcard part from cn
-+                String firstpart = parts[0];
-+                if (firstpart.length() > 1) { // e.g. server*
-+                    String prefix = firstpart.substring(0, firstpart.length() - 1); // e.g. server
-+                    String suffix = cn.substring(firstpart.length()); // skip wildcard part from cn
-                     String hostSuffix = hostName.substring(prefix.length()); // skip wildcard part from host
-                     match = hostName.startsWith(prefix) && hostSuffix.endsWith(suffix);
-                 } else {
-@@ -302,8 +301,6 @@
-             c = cert.getSubjectAlternativeNames();
-         }
-         catch(CertificateParsingException cpe) {
--            Logger.getLogger(AbstractVerifier.class.getName())
--                    .log(Level.FINE, "Error parsing certificate.", cpe);
-         }
-         if(c != null) {
-             for (List<?> aC : c) {
diff --git a/debian/patches/series b/debian/patches/series
index 44d53ad..d39b602 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,3 +1,2 @@
 00-fix_build.patch
 01-generate_osgi_metadata.patch
-02-700268.patch

-- 
httpcomponents-client: HTTP/1.1 compliant HTTP agent Java implementation

